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This paper describes the “Integrated Software Development Methodology (ISDM)” which is 
being accomplished by Hughes Aircraft Company, Software Engineering Division, in Fullerton, 
California and is sponsored by the Air Force Wright Aeronautical Laboratories, Flight Dynamics 
Laboratory at Wright Patterson AFB, Dayton, Ohio under Contract F33615-80-C-3614. 

. The ISDM project is currently in progress and its purpose is to study in detail state-of-the-art 
analytical techniques for the development and verification of digital flight control software and 
produce a practical designer-oriented development and verification methodology. 

SCOPE 

The scope of this project is limited to the study of existing tools and analytical techniques 
and the production of a practical ISDM guidebook. The methodology selected is adapted to flight 
control software, but is also applicable to most real time software developments. 

The problem of evaluating the complete system is called validation, while the problem of 
checking the software at each stage of the design process is called verification. This project is 
concerned with verification. 

The effectiveness of the analytic techniques chosen for the development and verification 
methodology will be assessed both technically and financially. Technical assessments analyze the 
error preventing and detecting capabilities of the chosen technique in all of the pertinent software 
development phases. Financial assessments describe the cost impact of using the techniques, 
specifically, the cost of implementing and applying the techniques as well as the realizable cost 
savings. Both the technical and financial assessment will be quantitative where possible. In the 
case of techniques which cannot be quantitatively assessed, quahtative judgeme'n^ will be ex- 
pressed about the effectiveness and cost of the techniques. The reasons why quantitative assess- 
ments are not possible will be documented. 

BACKGROUND 

The design of digital flight control systems has been the role of the control engineer rather 
than the computer or software specialist. Research into software design and verification has been 
the role of very specialized software experts. The results of this research have not always been 
practical in helping the flight control system designer with his tasks. Many tools and techniques 
are too complex to adapt to the flight control problem. Other tools are too expensive to main- 
tain and operate for the flight control problem. 
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SUMMARY OF OBJECTIVES AND RESULTS 


The objectives and results being discussed here reflect those individual objectives and accom- 
plishments to date. 

Metrics 

The development of metrics which can be applied to assess the design quality was one of our 
first objectives. The effort was to be directed toward predictive metrics with the intention of 
producing metrics which can be used by a flight control systems engineer to determine the quality 
of the design produced and the likelihood of a successful implementation. 

The metrics are being developed to aid in predicting such things as how many errors are 
likely, how long it will take to test, how long it will take to correct an error, etc. 

One of the results is that a set of concepts which provide the foundation for the ISDM metrics 
has been developed. The equations which will be used as the basis of procedures to calculate pre- 
dictors for the testability, reliability and flexibility have also been defined. 

Guidebook 

The overall objective is to create an integrated set of techniques and tools which are usable 
by a digital flight control systems engineer for development of a DECS. Primary emphasis is to be 
on those activities involved in generating the DECS software requirements specification, performing 
the software design, and verifying the software design through software integration. 

The guidebook represents the bulk of the output from this project and will be the most 
visible. Emphasis must be placed on generating a document that is clear, understandable, and 
usable while fulfilling its intended role of a guidebook. 

The results thus far have produced a draft guidebook that is ready to be applied during the 
experiment. The guidebook goes beyond the explanations of the tool and technique description 
and use. There are discussions regarding the development environment and major issues of DECS 
software development. These are included to provide a backdrop for the actual application of the 
tools and techniques. 

As a result of numerous reviews on various versions of the draft guidebook, there now exists, 
a solid foundation from which to build. This building will occur as a result of the experiment. As 
different techniques are applied and as data is collected and analyzed, the guidebook will be up- 
dated. The guidebook will be maintained in a dynamic fashion, being changed as dictated by the 
experiment results. 

Experiment 

Having selected candidate analytic techniques and having organized these techniques into a 
guidebook, there remains the problem of objectively and quantitatively assessing the value of these 
techniques in producing a reliable flight control software system. For this reason, an experiment 
will be conducted in which a small sample flight control system will be developed using the ISDM 
guidebook. 
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The experiment will begin with the specification and progress through all software develop- 
ment phases. For each phase, an experiment will be conducted in which the analytic techniques 
and tools described in the guidebook will be applied. The resources expended in the application 
will be monitored and errors detected will be monitored and summarized. 

In each of the development phases of the experiment, two classes of activity will take place. 
The first class of activities will be the actual application of the techniques in the ISDM guidebook 
to produce software. The second class of activities will be collection and analysis of the data 
pointing out the effectiveness of each technique, the impact of each technique on the overall 
schedule, the cost to prevent/detect errors, and the impact of errors on the total development 
effort. 

Results thus far include the development of the experiment plan. This document is a de- 
tailed description of the activities which will occur. The plan includes the following factors to be 
considered in evaluating the guidebook; 

1 . Usability by a flight control engineer, 

2. Cost to use, 

3. Quality of the result and software. 

The plan delineates the following data to be captured; 

1 . Errors, 

2. Cost, 

3. System documents, 

4. Subject comments. 

CONCLUSION 

The ISDM project has just started in the second phase, the experiment. Although it is too 
early to provide firm conclusions, we are already starting to see some indications of not only which 
tools/languages may be useful, but also identify distinct weaknesses. The experiment will help to 
proye.out these preliminary “feelings” and provide quantification, at least when applied to metho- 
dologies for specific applications. 
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ISDM GOAL 

EVALUATE ANALYTIC METHODS FOR VERIFICATION OF 
DIGITAL FLIGHT CONTROL SOFTWARE " 



HUGHES 


RESTATED 

DEVELOP GUIDEBOOK FOR AN ISDM 

(INTEGRATED SOFTWARE DEVELOPMENT METHODOLOGY) 
AND QUANTITATIVELY EVALUATE THE EFFECTS ON COST 
AND RELIABILITY OF USING ISDM FOR DEVELOPING DIGITAL 
FLIGHT CONTROL SOFTWARE 
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• DEVELOF> GUIDEBOOK FOR ISDM 


• CONDUCT DFCS EXPERIMENT 

.1 

• EVALUATE COST AND ERROR DETECTION 
EFFECTIVENESS 

i 

• DEVELOP DESIGN METRICS 

1 

• EVALUATE OVERALL ISDM COST AND RELIABILITY 
EFFECTIVENESS 


• RECOMMEND ISDM USAGE 

• RECOMMEND AREAS FOR FURTHER STUDY 
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ISDM GUIDEBOOKS CONTENTS PER 

PHASE 

1 . 

• DESCRIPTION OF PROCEDURES 

i • ' 

3 
5 

• DESCRIPTION OF SUPPORTING TOOLS AND TECHNIQUES 

' i 

\ • 

• TYPES OF EPIRORS DETECTED 

• REVIEW PROCEDURES 

I 

• INTERFACE WITH OTHER PHASES 

• INTERFACE BETWEEN TOOLS AND TECHNIQUES 

.1 

• resourcesIneeded for each tool and technique 

• GUIDELINES |fOR USING EACH TOOL AND TECHNIQUE 
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EXPERIMENT PLAN SUMMARY 
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• IMPLEMENT SAMPLE SYSTEM USING TOOLS/ 
TECHNIQUES 

• RECORD DAILY ACTIVITIES FOR COST ANALYSIS 

• RECORD GUIDEBOOK COMMENTS FOR FINAL DRAFT 

• RECORD ERRORS DETECTED AT EACH PHASE 

• ANALYZE TOOL/TECHNIQUE EFFECTIVENESS 
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EXPERIMENTAL APPROACH 
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ASSESSMENT REVIEW 


• GUIDEBOOK USABILITY AND ACCURACY 

• COST OF TOOL/TECHNIQUE APPLICATION 

• QUALITY OF SOFTWARE/DOCUMENTATION 

RELIABILITY 

SAFETY 

TESTABILITY 

MAINTAINABILITY 

FLEXIBILITY 
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TOOL ANALYSIS 
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• TRAINING COSTS 

• GUIDEBOOK EFFECTIVENESS AND ACCURACY 

• ERROR DETECTION CAPABILITY 

'. * 'I * ' ■ - ' ■ 

• DOCUMENTATION SUPPORT 
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PLANNED ACTIVITIES 
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• COMPLETE EXPERIMENT 

• EVALUATE RESULTS 

• RECOMMEND IMPROVEMENTS 

• TAILOR GUIDEBOOK 
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